In computer systems such as operating systems (OSs), status information may be stored in data structures such as OS-level or kernel-level data structures. For example, the Process Control Block (PCB) may store information about processes currently being executed on the system. As another example, the per-CPU run queues may provide an indication to the OS as to which processes are to be executed next. As another example, the information that defines the credentials, such as the user ID and privilege level, of each process running inside the operating system is defined by a special data structure.
In computer systems, the integrity of these data structures is critical to the system security. For example, an intruder can hide the existence of a malicious process by removing its information from the list of existing running processes. As another example, if an intruder succeeds in maliciously modifying any of the data structures that define these credentials, they can escalate the privilege of their own user processes which can cause damage to the system. The damage may include, but is not limited to, accessing the data of other users or taking full control of the system.
The above information is presented as background information only to assist with an understanding of the present disclosure. No determination has been made, and no assertion is made, as to whether any of the above might be applicable as prior art with regard to the present disclosure.